39 matches found
CVE-2015-3152
creationtimestamp| type| source ---|---|--- 2026-05-22 12:39:13+00:00| seen| https://gist.github.com/rayepenber095/9265581788dc4d7e014abf52554d8b7f...
EUVD-2015-8704
Malware in sbrugna...
RHEL 6 / 7 : mariadb55-mariadb (RHSA-2015:1647)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1647 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL client...
K16845: MySQL vulnerability CVE-2015-3152
Security Advisory Description An unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.7.2 and earlier allows an attacker to downgrade MySQL SSL/TLS connections, snoop database queries and results, or directly manipulate database contents. CVE-2015-3152 Impact Although the...
EulerOS Virtualization for ARM 64 3.0.2.0 : perl-DBD-MySQL (EulerOS-SA-2021-2072)
According to the versions of the perl-DBD-MySQL package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The DBD::mysql module through 4.043 for Perl uses the mysqlssl=1 setting to mean that SSL is optional even thou...
EulerOS Virtualization for ARM 64 3.0.6.0 : perl-DBD-MySQL (EulerOS-SA-2020-2044)
According to the version of the perl-DBD-MySQL package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The DBD::mysql module through 4.043 for Perl uses the mysqlssl=1 setting to mean that SSL is optional even though...
Man-in-the-Middle Attack
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the-middle...
openSUSE: Security Advisory for perl-DBD-mysql (openSUSE-SU-2018:1463-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLES11 Security Update : perl-DBD-mysql (SUSE-SU-2018:1449-1) (BACKRONYM)
This update for perl-DBD-mysql fixes the following issues : - CVE-2017-10789: The DBD::mysql module when with mysqlssl=1 setting enabled, means that SSL is optional even though this setting's documentation has a 'your communication with the server will be encrypted' statement, which could lead...
pfSense < 2.2.4 Multiple Vulnerabilities (SA-15_07)
According to its self-reported version number, the remote pfSense install is prior to 2.2.4. It is, therefore, affected by multiple vulnerabilities as stated in the referenced vendor advisories. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid106496;...
Sql injection
The DBD::mysql module through 4.043 for Perl uses the mysqlssl=1 setting to mean that SSL is optional even though this setting's documentation has a "your communication with the server will be encrypted" statement, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrad...
CVE-2015-3152
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C aka libmysqlclient before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack...
CVE-2015-3152
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C aka libmysqlclient before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack...
Sql injection
ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152...
CVE-2015-3152
The CVE-2015-3152 issue affects MySQL client libraries where the --ssl flag is treated as optional, allowing a MITM downgrade to cleartext SSL and server spoofing. Affected products/versions include Oracle MySQL prior to 5.7.3, Oracle MySQL Connector/C (libmysqlclient) prior to 6.1.3, and MariaDB...
openSUSE: Security Advisory for Security (openSUSE-SU-2015:2243-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED11 / SLES11 Security Update : mysql (SUSE-SU-2015:1788-1) (BACKRONYM)
MySQL was updated to version 5.5.45, fixing bugs and security issues. A list of all changes can be found on : - http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-45.html - http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-44.html To fix the 'BACKRONYM' security issue CVE-2015-3152 the...
Mageia: Security Advisory (MGASA-2015-0279)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2015:1788-1 Security update for mysql
MySQL was updated to version 5.5.45, fixing bugs and security issues. A list of all changes can be found on: - http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-45.html - http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-44.html To fix the 'BACKRONYM' security issue CVE-2015-3152 the...
Amazon Linux: Security Advisory (ALAS-2015-583)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...